Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,871
Erlang
37
GitHub Actions
36
Go
2,504
Maven
5,000+
npm
4,149
NuGet
735
pip
3,949
Pub
12
RubyGems
945
Rust
1,025
Swift
39
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

43 advisories

Loading
Logic vulnerability in the mobile application (com.transsion.carlcare) may lead to the risk of... Critical Unreviewed
CVE-2025-1298 was published Feb 14, 2025
Official Document Management System developed by 2100 Technology has an Authentication Bypass... Critical Unreviewed
CVE-2025-8853 was published Aug 11, 2025
Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release... Critical Unreviewed
CVE-2025-36594 was published Aug 4, 2025
A downgrade issue was addressed with additional code-signing restrictions. This issue is fixed in... Critical Unreviewed
CVE-2025-43245 was published Jul 30, 2025
A cryptographic authentication bypass vulnerability exists in OneLogin AD Connector prior to 6.1... Critical Unreviewed
CVE-2025-34063 was published Jul 1, 2025
AMI’s SPx contains a vulnerability in the BMC where an Attacker may bypass authentication... Critical Unreviewed
CVE-2024-54085 was published Mar 11, 2025
A spoofing attack in ujcms v.8.0.2 allows a remote attacker to obtain sensitive information and... Critical Unreviewed
CVE-2023-51350 was published Jan 12, 2024
An issue in Open Network Foundation ONOS v2.7.0 allows attackers to create fake IP/MAC addresses... Critical Unreviewed
CVE-2023-41591 was published May 29, 2025
An Authentication Bypass by Spoofing issue was discovered in LAVA Ether-Serial Link (ESL) running... Critical Unreviewed
CVE-2017-14003 was published May 13, 2022
An issue in TOTVS Framework (Linha Protheus) 12.1.2310 allows attackers to bypass multi-factor... Critical Unreviewed
CVE-2024-55210 was published Apr 9, 2025
A vulnerability in the web-based management interface of Cisco Small Business RV042 Series... Critical Unreviewed
CVE-2023-20025 was published Jan 20, 2023
In the case of instances where the SAML SSO authentication is enabled (non-default), session data... Critical Unreviewed
CVE-2022-23131 was published Jan 14, 2022
Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.843 Application 20.0.1923... Critical Unreviewed
CVE-2025-27671 was published Mar 5, 2025
The control component has a spoofing vulnerability. Successful exploitation of this vulnerability... Critical Unreviewed
CVE-2022-48349 was published Mar 28, 2023
Brocade SANnav Web interface before Brocade SANnav v2.3.0 and v2.2.2a allows remote... Critical Unreviewed
CVE-2023-31424 was published Aug 31, 2023
The WPGateway Plugin for WordPress is vulnerable to privilege escalation in versions up to, and... Critical Unreviewed
CVE-2022-3180 was published Feb 12, 2025
Authentication bypass by spoofing in Azure AI Face Service allows an authorized attacker to... Critical Unreviewed
CVE-2025-21415 was published Jan 30, 2025
By default the CloudStack management server honours the x-forwarded-for HTTP header and logs it... Critical Unreviewed
CVE-2024-29006 was published Apr 4, 2024
The Electronic Official Document Management System from 2100 Technology has an Authentication... Critical Unreviewed
CVE-2024-13061 was published Dec 31, 2024
In WhatsUp Gold versions released before 2024.0.2, an attacker can gain access to the WhatsUp... Critical Unreviewed
CVE-2024-12108 was published Dec 31, 2024
An issue was discovered in Kurmi Provisioning Suite 7.9.0.33. If an X-Forwarded-For header is... Critical Unreviewed
CVE-2024-54450 was published Dec 27, 2024
The Online-Ausweis-Funktion eID scheme in the German National Identity card through 2024-02-15... Critical Unreviewed
CVE-2024-23674 was published Feb 16, 2024
An issue was discovered in GitLab CE/EE affecting all versions starting from 8.14 prior to 17.1.7... Critical Unreviewed
CVE-2024-6678 was published Sep 12, 2024
Security check loophole in HAProxy release (in combination with routing release) in Cloud Foundry... Critical Unreviewed
CVE-2024-37082 was published Jul 3, 2024
Windows Kerberos Security Feature Bypass Vulnerability Critical Unreviewed
CVE-2024-20674 was published Jan 9, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database